#encoding:UTF-8
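# Base controller: enables CSRF protection, requires every action to be
# authorized through CanCan, and handles authorization failures centrally.
class ApplicationController < ActionController::Base
  protect_from_forgery

  # CanCan: raise if an action finishes without an authorization check.
  check_authorization

  # Builds (and memoizes per request) the CanCan ability for the current
  # user and the client IP address.
  #
  # NOTE(review): request.remote_ip is derived from proxy headers such as
  # X-Forwarded-For. If Ability makes IP-based decisions (not visible here),
  # the trusted-proxy configuration must be correct or the value can be
  # spoofed by the client -- confirm.
  def current_ability
    @current_ability ||= Ability.new(current_user, request.remote_ip)
  end

  # Returns whatever was stored under session[:user], or nil when nobody is
  # logged in.
  #
  # NOTE(review): the session holds the user value itself, so role or
  # permission changes made after login are presumably not seen until the
  # session is rebuilt -- verify against the login code.
  def current_user
    session[:user]
  end

  # Guests are sent to the login page; logged-in users are sent back to the
  # page they came from with an error flash.
  rescue_from CanCan::AccessDenied do |exception|
    if current_user.nil?
      # NOTE(review): :from is neither a flash key nor a status option, so
      # redirect_to appears to ignore it -- confirm whether it was meant to
      # be a parameter of login_url.
      redirect_to login_url, :alert => exception.message, :from => "#{exception.subject}/#{exception.action}"
    else
      flash[:error] = "哎哟！您好像逛到人家的地盘去了。"
      respond_to do |format|
        # The Referer header is client-supplied and may be absent, so it is
        # only followed when it points back at this application.
        format.html { redirect_to(same_origin_referer || "/") }
      end
    end
  end

  private

  # Returns the request's Referer when it is a URL on this application's own
  # scheme/host/port, otherwise nil. Prevents both "cannot redirect to nil"
  # errors and redirects to an external site named in the header.
  def same_origin_referer
    referer = request.referer
    return nil if referer.nil?

    origin = "#{request.protocol}#{request.host_with_port}"
    # The trailing slash stops "http://app.example.evil.test" from matching
    # an origin of "http://app.example" (constructed sample hosts).
    referer if referer == origin || referer.start_with?("#{origin}/")
  end
end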

